Category: information

An Introduction to Scambaiting

We have all received unsolicited emails offering us a ‘get rich quick’ opportunity. These are often called 419 scams or Advance Fee scams. The scammer makes you believe there is a fortune for you to collect, but you end up paying a small fee, then another fee, then another, until eventually you realise it’s a con and give up.

You can just delete these messages, or you can choose to play the scammers at their own game. They lie, so why shouldn’t you? Make up your own persona and story.

There are various communities of scambaiters and the most famous is 419eater, which has lots of examples of what they do.

Why Scambait?

It is very difficult to stop these people, but by wasting their time you are diverting their attention from scamming someone else. Plus, an effective scambait may well give you personal information about the scammer that can be passed on to the Authorities. Reporting the scambait online also warns others of how the scams work and what they can do to tie up the scammers. If you can get their name, address and more, then you can publish it on a scambaiter website.

Scambaiting Strategies

Create yourself a fake persona with name, address, email addresses, back story etc. and you’re ready to go when a 419 scam lands in your email inbox.

The most common strategies used by scambaiters are:-

  • just go with whatever comes up in the emails
  • try to get the scammer to join your Church. Promise the payments he wants once he has joined your imaginary Church.
  • get the scammer to pay the freight charge of delivering something entirely useless to him. This gives you an address to publish.
  • get the scammer to travel to meet you (you won’t be there of course) e.g. at your false address
  • make up characters to bring into the story e.g. Messrs Screw Hup and Ivor Itch solicitors or a fake Church Deacon or your neighbour Mac Donald

Keep those scammers busy and have some fun at their expense.

Fightback Ninja Signature

How Accidental Data Leaks Happen

It’s easy to assume that all data breaches are the result of criminal activity, but that’s far from true.

A study of data from 2016/17 showed that 92% of security data incidents and 84% of confirmed data breaches were due to accidents or mistakes.

Here are the most common problems leading to leaks of data:

1. Expired Security Certificates

These certificates are an essential component in protecting systems, as Equifax found out the hard way in 2017 when hackers accessed huge amounts of confidential data through an expired certificate. The exposed data included 143 million records containing names, addresses, dates of birth, Social Security numbers, and driver license numbers.

The data was stolen by hackers who exploited a vulnerability in Equifax’s web servers. If the relevant security certificates had been updated as they should have been, the hackers couldn’t have used that way in.

2. Unsecured Third Party Vendors

Many websites and complex systems are a mix of the owner’s software plus a variety of third party plugins, addons and linked external services. As in any other part of life – the weakest link determines the safety level of the whole system. If the 3rd parties aren’t adequately secured then the whole system becomes vulnerable.

3. Poor Email Security

Most hackers still gain access through phishing – that is sending out emails that attract people to respond in some way that gives the hackers the information they need to access systems. Maybe it’s through a fake quiz that requires a login and password or an offer of a gift token etc.

Or it could just be that people haven’t learned the need to use passwords that are unguessable and not to write them down by their desk.

A company named Nightfall protects systems data and they have created the following article to explain in more detail how accidental data leaks can happen:

If you have any experiences with these scams do let me know, by email.


Scammers Target the Elderly

Many scammers believe that they can more easily trick older people, or that older people have the time to listen and be some are more opportunistic and realise that retired people are more likely to be at home during the day when scammers call.

The Most Common Scams Targeting the Elderly

  1. Health insurance scams – scammers offer unrealistically cheap insurance cover but really they just want your money and personal details – there is no insurance.
  2. Fake prescription drugs – it’s very dangerous to buy prescription drugs from a non-accredited source as you cannot be sure what you get will be safe and contain the genuine medicine.
  3. Funerals – fraudsters use obituaries to find out information about the deceased, then attempt to extort money from family members or grieving spouses, by falsely claiming for debts.
  4. Anti-aging products – scammers offer various products which either don’t exist or are worthless.
  5. Investments – pension release schemes, Ponzi schemes, guaranteed winners on the stock market etc. However good a scheme sounds, always check with an independent reputable expert.
  6. Homeowner/reverse mortgage scams – it is quite common for people who have paid off their mortgage and would like some cash to take out a new mortgage and the scammers offer an assortment of fake mortgages.
  7. Lotteries – this is generally an invitation to join a wonderful lottery, but the tickets are fake so you have no chance of winning.
  8. The grandparent scam – this is a very nasty one as it frightens people. The scammer calls and pretends to be a grandchild. They wait for the victim to use the grandchild’s name then claim to be that person but with urgent financial problems. The scammer asks for payment by transfer through Moneygram or Western Union usually as these payments cannot be traced or reversed.
  9. Charity scams – scammers set up fake charities to take advantage of people’s generosity.

Trust your instincts. If you feel at all wary or suspicious, you’re probably right!

“Sixty and Me” have created a detailed list of the common scams targeting the elderly and how to avoid them.

Go to

If you have any experiences with phishing scams do let me know, by email.


Australian Scam Losses


Statistics show that in 2019, Australians lost $634 million to scammers, made up as follows:


(note: this only covers scams reported to the authorities).

Scam Type             Money Lost
Investment Scams      $61.8M
Dating and Romance    $28.6M
False Billing         $10.1M
Hacking               $5.3M
Online Shopping       $4.8M
Remote Access Scams   $4.8M
Identity Theft        $4.3M
Threats to Life       $4.3M
Classified Scams      $2.8M
Inheritance Scam      $2.6M


If you have any experiences with scammers, spammers or time-wasters do let me know, by email.


Phishing Tackle Website

Phishing Tackle offer a range of online courses to help keep businesses safe from Phishing scams. These scams are where scammers send out messages (usually by email but can also be by text and phone call) claiming to be a trusted organisation e.g. HMRC, local council, Marks and Spencer, NatWest Bank, The Police and so on. They are after your personal information and especially login and password information and financial details.

Over 90% of data breaches are caused by an end-user clicking on a phishing email and Phishing Tackle say they reduce the risk of people clicking on phishing emails.

Phishing Tackle’s automated online security awareness training, simulated phishing and policy management platform reduces the risk of end-users clicking on phishing emails by over 90% – that’s the claim.

Website resources include:-

  • A click-prone test
  • Domain spoof test
  • Phishing quiz

And lots of information on various types of online scams.

Free Phishing Awareness & Training is available to not-for-profits in some cases.

They also offer a managed service to protect businesses.

The website is a good resource for those looking to protect their business from Phishing scams.

If you have any experiences with phishing scams do let me know, by email.



Cold Caller Number Lookup

It is estimated that each day, twelve million people in the UK receive one or more cold calls.

Have you received a scam call or an annoying cold call and wished you could register their phone number online to warn others about them?

Or do you want to know if a caller is a scammer or cold caller?

Go to the Bad Numbers website to check their number or register the caller’s number as ‘bad’.

Bad Numbers is a reverse telephone number lookup website and has collected over 20,000 ‘bad’ telephone numbers so far.

The website is very simple – you just type in a number and see if it is already registered. If not and you want to register it then you type in why and that’s about it.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.
